CVE-2023-24491

HIGH

Citrix Secure Access - Privilege Escalation

Title source: llm
STIX 2.1

Description

A vulnerability has been discovered in the Citrix Secure Access client for Windows which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM.

Scores

CVSS v3 7.8
EPSS 0.0020
EPSS Percentile 10.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-269
Status published
Products (1)
citrix/secure_access_client < 23.5.1.3
Published Jul 11, 2023
Tracked Since Feb 18, 2026